I'm genuinely more excited for Apple's September 12, 2017 special event than I have been for any event since the iPhone 6. Still, Apple has now had two leaks leading up to the event, widely expected to include the announcement of iPhone 8, iPhone 8 Plus, and iPhone X, Apple Watch LTE, and Apple TV 4K HDR. The first one was an accident. The second one, not so much.
John Gruber, writing for Daring Fireball
My understanding is the same as John's: The leak was internal and malicious. And it was incredibly damaging to the company — a company that relies on surprise as a key way to generate marketing buzz and maintain excitement in the media. It's just about impossible to believe anyone in a position to leak those links wouldn't know that.
From Apple's perspective that means, come Tuesday afternoon, instead of hearing about the announcements and the surprises, we'll be hearing about how the leaks were confirmed and, from those in the media who continually mistake cynicism for intelligence, how "boring" Apple has become. (Imagine a movie critic reading a leaked plot to "The Last Jedi" and then claiming the movie lacked surprises...)
As hard as it is to believe someone inside Apple would leak the firmware, it just as hard to believe such a leak was possible. The firmware was live on the internet, protected only through obscured URL. That means, when the URLs were leaked, anyone could access the firmware. No VPN, login credentials, or other security checks required.
It's absolutely the fault of the leaker but my guess is that the days of security through obscurity are done and Apple locks down the firmware delivery process asap.
Update: Great point by Will Strafach on Twitter: Convenience is the enemy of security.
no internal insight on this, but my guess is acceptance testing was needed by folks who did not have access to their secure net.no internal insight on this, but my guess is acceptance testing was needed by folks who did not have access to their secure net.— Will Strafach (@chronic) September 10, 2017
Same with the HomePod firmware leak from last month. That leak wasn't malicious. It was the result of a mistake, at least at first. Someone copied an un-flagged version of the file to a public rather than a private directory.
It's not at all hard to believe that mistakes happen. It's still hard to believe that those kinds of mistakes can happen, though.
My guess is that Apple locks down that process asap as well, with both digital and human checks and safeguards.
I'm sure most people at Apple are too apoplectic to look for it right now, but if there's a silver lining for them in all this, that's it. Legacy has hellacious inertia and old processes don't die easily. Often, people are too busy to even stop and think about improving things that currently get the job done, even if imperfectly.
Then something like this happens, and top to bottom, everyone's will becomes bent on making sure it doesn't happen again.
Update: I've got no beef with leaks or the coverage thereof. But the world is nuanced and there are multiple perspectives and truths. Leaks provide considerable attention for websites that cover Apple, including iMore. They also inform customers who may be considering whatever products are about to be released. From Apple's perspective, though, they're damaging. They cost sales [on current devices], depress marketing, and the security enhancements that follow make it harder for many to do their jobs. That, in turn, can affect the next generation of products.
Update 2: There's a narrative going around that claims these were "controlled leaks" or "publicity stunts" from Apple. No, they weren't. This is not the kind of publicity the company wants or needs. Apple lives for the big reveal at the big event on the big stage. You can love or leave the leaks, whatever suits you. But don't think for a minute Apple wanted them or is anything other than extremely frustrated by them.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.